Buffer Overflow Vulnerability in Lotus Notes/Domino Web Retriever
CVE-2003-0123

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes Client; Lotus Domino
Vendor: CVE Published:; 18 March 2003

Summary

A buffer overflow vulnerability exists in the Web Retriever component of Lotus Notes/Domino R4.5 to R6 versions. Remote attackers can exploit this by sending a specially crafted long HTTP status line that may lead to a denial of service, causing the application to crash. This issue highlights the importance of validating input lengths to ensure robustness against such exploits.

References

http://www.cert.org/advisories/CA-2003-11.html

third-party-advisoryx_refsource_CERT

http://www.ciac.org/ciac/bulletins/n-065.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

http://marc.info/?l=bugtraq&m=104757545500368&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Mar 18, 2003
Vulnerability Reserved
Mar 10, 2003